Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XL7a1H8k-QVvQo2hCo51yR9FzzA.roa
File: XL7a1H8k-QVvQo2hCo51yR9FzzA.roa (raw, json)
Hash identifier: wV8hP3oZkgRtdDdDmlpYhApmuGYHqV3jbGu1STab+Vg=
Subject key identifier: 5C:BE:DA:D4:7F:24:F9:05:6F:42:8D:A1:0A:8E:75:C9:1F:45:CF:30
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01904A5EA320125D67A85C22AE2C971D3DCE
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XL7a1H8k-QVvQo2hCo51yR9FzzA.roa
Signing time: Mon 24 Jun 2024 13:10:34 +0000
ROA not before: Mon 24 Jun 2024 13:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 24 Jun 2024 14:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4a:5e:a3:20:12:5d:67:a8:5c:22:ae:2c:97:1d:3d:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 24 13:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5cbedad47f24f9056f428da10a8e75c91f45cf30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3a:85:c6:8e:28:9d:bc:41:41:0d:b7:bc:49:
fa:08:12:d2:cb:25:64:35:a6:9e:81:a9:b0:1c:04:
4c:8c:a4:a4:fa:16:ca:24:55:3a:80:b7:1b:9c:b3:
11:a2:8a:c9:d8:ec:ee:05:9a:0a:3d:7c:1f:32:9b:
c0:f6:cb:d5:00:a8:ea:12:5f:84:c8:1a:ba:9d:ea:
91:f9:b3:cb:4a:09:93:6a:22:fb:ba:7b:97:f5:ad:
22:85:5e:c7:d6:05:06:9a:4e:94:d9:3b:58:18:9f:
44:6b:d6:ce:eb:5d:9a:00:88:09:3e:92:43:61:ed:
d9:a9:1d:4b:84:6d:ca:7d:2c:9c:40:75:b8:d9:01:
ed:7d:c9:ac:81:9f:fa:48:26:9e:13:46:ec:af:d8:
24:a6:35:90:82:6b:05:79:3d:6e:13:3c:c3:5d:67:
36:01:54:92:e6:e4:9e:3c:dc:d2:c0:c7:45:46:c4:
cf:bf:ad:a8:71:15:7d:f4:f6:91:be:da:f0:f7:e6:
c7:f7:dd:5b:4f:df:17:14:c6:b1:f0:81:c2:64:0a:
c0:53:c1:af:48:c4:e3:bc:fb:16:6d:5b:7f:c4:9e:
58:51:69:0c:81:c8:4f:6c:95:c9:2d:38:33:15:26:
3d:5d:37:be:d4:f2:a7:60:34:35:44:e0:17:ae:e7:
aa:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:BE:DA:D4:7F:24:F9:05:6F:42:8D:A1:0A:8E:75:C9:1F:45:CF:30
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XL7a1H8k-QVvQo2hCo51yR9FzzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
76:20:e1:0e:7b:ed:99:0f:f5:7b:33:1d:e9:3a:d7:2b:a9:cd:
ae:31:8e:f1:56:d9:ff:15:1a:1e:cd:95:2e:7c:f1:3a:c6:53:
89:48:cf:f4:b2:2c:74:e9:2f:ed:a4:48:c5:9a:5c:df:79:e8:
79:a1:bd:11:00:b6:1e:1c:ad:8e:9e:84:ca:cd:47:9b:4d:21:
82:6c:49:39:c8:27:70:1a:84:c5:d0:26:22:29:42:42:b3:24:
89:e2:d0:3a:1a:4a:75:a3:a6:20:03:1d:be:77:ba:55:be:39:
46:a0:3f:85:9a:cb:b0:9a:9a:21:57:45:25:8c:f6:9c:40:2f:
54:fc:35:72:2d:5b:e0:59:79:ad:e7:83:0f:ce:83:1b:9f:17:
0b:ab:93:32:18:18:e4:0b:d4:32:83:a2:ab:6b:c0:2c:41:41:
a2:37:59:c4:07:a3:27:8c:21:45:92:a9:69:21:2b:69:7c:26:
26:79:a0:c2:d7:f0:3e:57:48:6a:88:d4:a1:5d:ab:9f:91:8c:
f7:c5:73:16:d0:37:d4:5a:41:f2:97:a6:11:62:0f:49:2e:c1:
11:84:8b:76:32:b5:5f:a6:15:5c:9c:f0:f4:c0:78:97:0b:4e:
38:3b:4b:1d:ec:50:8e:45:ad:43:75:ba:1f:95:4c:3f:65:53:
0a:4a:14:fc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBKXqMgEl1nqFwiriyXHT3OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjI0MTMxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2JlZGFkNDdmMjRmOTA1NmY0MjhkYTEwYThlNzVjOTFmNDVjZjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTqFxo4onbxBQQ23vEn6CBLSyyVk
NaaegamwHARMjKSk+hbKJFU6gLcbnLMRoorJ2OzuBZoKPXwfMpvA9svVAKjqEl+E
yBq6neqR+bPLSgmTaiL7unuX9a0ihV7H1gUGmk6U2TtYGJ9Ea9bO612aAIgJPpJD
Ye3ZqR1LhG3KfSycQHW42QHtfcmsgZ/6SCaeE0bsr9gkpjWQgmsFeT1uEzzDXWc2
AVSS5uSePNzSwMdFRsTPv62ocRV99PaRvtrw9+bH991bT98XFMax8IHCZArAU8Gv
SMTjvPsWbVt/xJ5YUWkMgchPbJXJLTgzFSY9XTe+1PKnYDQ1ROAXrueqlQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFy+2tR/JPkFb0KNoQqOdckfRc8wMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWEw3YTFIOGstUVZ2UW8yaENvNTF5UjlGenpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHYg4Q577ZkP9XszHek6
1yupza4xjvFW2f8VGh7NlS588TrGU4lIz/SyLHTpL+2kSMWaXN956HmhvREAth4c
rY6ehMrNR5tNIYJsSTnIJ3AahMXQJiIpQkKzJIni0DoaSnWjpiADHb53ulW+OUag
P4Way7CamiFXRSWM9pxAL1T8NXItW+BZea3ngw/OgxufFwurkzIYGOQL1DKDoqtr
wCxBQaI3WcQHoyeMIUWSqWkhK2l8JiZ5oMLX8D5XSGqI1KFdq5+RjPfFcxbQN9Ra
QfKXphFiD0kuwRGEi3YytV+mFVyc8PTAeJcLTjg7Sx3sUI5FrUN1uh+VTD9lUwpK
FPw=
-----END CERTIFICATE-----
Generated at Mon Jun 24 20:20:31 2024 by rpki-client on console-ams.rpki-client.org